Credit accounts are convenient and widely used, but they are acutely susceptible to theft. Billions of dollars are lost annually to credit card fraud. Particularly, credit card numbers are copied and used without permission. Within minutes, thieves can purchase thousands of dollars worth of merchandise, and the unsuspecting consumer eventually pays one way or another. Copying may take many forms. A thief may, for example, catch a glimpse of an actual credit card and copy the number by writing the number on a piece of paper. Alternatively, a thief may intercept a digital signal representative of the credit card number and utilize such a digital signal at a later time. It is therefore desirable to provide systems and methods that completely eliminate the possibility for such types of credit card fraud.
There have been many attempts to prevent the illegal or fraudulent use of credit cards and/or debit cards in shopping malls, over the Internet, and at Automated Teller Machines (ATMs). These efforts include Personal Identification Numbers (PINs), the use of mother's maiden names as a secret identification, and requiring credit card holders to use additional ID cards such as a driver license. All attempts to use static information such as these are not completely secure, since such information can be easily learned or stolen and passed on to other users. Once the static identification number is learned, it may be used to make fraudulent credit card purchases until the fraud is detected and the credit card account is closed.
In addition to the PIN system mentioned above, the CVV (card verification and validation) number is an additional security system currently in place for purchases using a credit card where the card is not physically present, such as for internet or telephone transactions. The CVV number may be alternatively called CVV2 or CID (card identification) or CCV (credit card verification or validation) by various credit card companies. The CVV number is typically printed on the back of the credit card, as with MasterCard® or VISA®, but may be on the front of the card, as with American Express®. This number typically uses three digits, but may use four as with American Express®. Merchants are not allowed to store CVV numbers in their database with the credit card number, as a security measure, such that these numbers will not be disseminated if a merchant's database is compromised. Also, since the CVV number is not in the database, each transaction must be accompanied by a new request for the number from the cardholder. Nevertheless, since the CVV numbers are disclosed to the merchants, their employees, and anyone in the communications chain, they may easily be recorded and passed on in a fraudulent manner.
Although systems and methods for validating credit cards and preventing the illegal use of credit cards are known, they all have drawbacks. Some are too complex and require new card types to be issued and new merchant hardware for their use, and others are too easily learned and passed on to other users. There remains a need for a simple verification method for detecting stolen or fraudulent credit card use. In light of this, it would be advantageous to provide a system and method for securing credit card transactions that does not generate information that may be easily determined and passed on to others to generate fraudulent transactions.